Network Intrusion Detection using Zeek logs
Project description
Network Intrusion Detection System (NIDS)
Purpose
This repository is dedicated to developing a Network Intrusion Detection System (NIDS) utilizing unsupervised machine learning techniques such as KitNET, Autoencoder, and Isolation Forest.
Data Description
The input data for this system is Zeek conn logs. The data is unstructured, with variations in columns across different instances.
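One way to cope with conn logs whose columns vary from file to file is to read each file's own #fields header and project every record onto a fixed feature list. The sketch below is an added example, not code from AutoZeekWatch; it assumes Zeek's default tab-separated log format, and the feature selection, helper names and sample logs are constructed for illustration.

```python
# Added example, not AutoZeekWatch code. The feature selection is an assumption.
NUMERIC_FIELDS = ["duration", "orig_bytes", "resp_bytes", "orig_pkts", "resp_pkts"]
PROTOCOLS = ["tcp", "udp", "icmp"]  # one-hot encoded after the numeric fields

def parse_conn_log(text):
    """Yield one dict per record, keyed by the names in the file's #fields header."""
    fields, null = None, {"-", "(empty)"}  # Zeek's default unset/empty markers
    for line in filter(None, text.splitlines()):
        if line.startswith("#"):
            key, _, value = line[1:].partition("\t")
            if key == "fields":
                fields = value.split("\t")
            elif key in ("unset_field", "empty_field"):
                null.add(value)  # honour markers overridden in the header
            continue
        if fields is None:
            raise ValueError("data row seen before a #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            continue  # truncated or malformed row: skip rather than misalign
        yield {k: (None if v in null else v) for k, v in zip(fields, values)}

def to_vector(record):
    """Map a record to a fixed-length float vector; absent or unset values become 0.0."""
    vec = []
    for name in NUMERIC_FIELDS:
        try:
            vec.append(float(record.get(name) or 0.0))
        except ValueError:
            vec.append(0.0)  # non-numeric text in a numeric column
    vec.extend(1.0 if record.get("proto") == p else 0.0 for p in PROTOCOLS)
    return vec

def _log(fields, *rows):
    # Build a constructed Zeek TSV log from a field list and data rows.
    head = ["#separator \\x09", "#unset_field\t-", "#path\tconn", "#fields\t" + "\t".join(fields)]
    return "\n".join(head + ["\t".join(r) for r in rows])

# Constructed samples: the two files expose different column sets.
LOG_A = _log(["ts", "uid", "proto", "duration", "orig_bytes", "resp_bytes"],
             ["1700352000.0", "CaAAA1", "tcp", "1.5", "300", "1200"],
             ["1700352001.0", "CaAAA2", "udp", "-", "-", "-"])
LOG_B = _log(["ts", "uid", "proto", "service", "orig_pkts", "resp_pkts"],
             ["1700352002.0", "CbBBB1", "icmp", "-", "4", "4"])

def vectors(*logs):
    """Return one equal-length feature vector per record across all given logs."""
    return [to_vector(r) for log in logs for r in parse_conn_log(log)]
```

Filling an absent column with 0.0 makes a missing measurement indistinguishable from a true zero; a per-column presence flag avoids that if the model should see the difference.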
Code Description
- data_preprocess.py: This script preprocesses data specifically for the KitNET model.
- train_kitnet.py: Contains code for training a KitNET model on HSRN data, using parameters from the best model. Use the argument to specify the date of the data to be trained on, for example, 2023-11-19.
- pred_kitnet.py: This script processes data from the "current" folder, which stores new data, and preprocesses it for the KitNET model.
Download files
Source Distribution
AutoZeekWatch-0.1.1.tar.gz (14.8 kB)
Built Distribution
Hashes for AutoZeekWatch-0.1.1-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | 9f0fc0affcfb2a2be9978127b59cdf3db1c3f3f2dfbd1f93533652a074315bf9 |
MD5 | 682ee5505ed1642324cd0a8d083b6036 |
BLAKE2b-256 | 115b80d42c9460a059158c40d1306c895d0e9654ff61b94cadea6900a28686fa |